发表新帖
发表新帖

Log user out in Symfony 2 application when “remember me” is enabled

后端 未结
关注
3 1373
孤街浪徒
孤街浪徒 2020-12-09 19:55

I\'m looking for a way to log user out of Symfony 2 application, but could not find a way to do it properly.

I\'ve tried an approach described here: Symfony2: how to

3条回答
  • 余生分开走
    余生分开走 (楼主)
    2020-12-09 20:34

    Thanks to @nifr I was able to resolve this issue. Here's the bulletproof step-by-step guide to log user out of Symfony 2 application manually.

    Warning

    Symfony already implements the functionality of logging user out and deleting cookies. There is a LogoutListener who delegates those action to couple of logout handlers: CookieClearingLogoutHandler and SessionLogoutHandler. I think the best course of action would be to call those handlers and not to implement such low-level logic yourself. However, I can't find a way to do this.

    Solution

    This solution is for Symfony 2.6. The difference is in security.token_storage.

    1. Add two additional parameters to store cookie names for «session» and «remember me» to your parameters.yml:
    # parameters.yml

parameters:
    session.name: SESS
    session.remember_me.name: LONGSESS
    1. Update your config.yml to use the first parameter for session name:
    # config.yml

framework:
    session:
        name: "%session.name%"
    1. Update your security.yml to use the second parameter for remember me session name:
    # security.yml

security:
    firewalls:
        demo_secured_area:
            remember_me:
                name: "%session.remember_me.name%"
    1. Here's the code you can use to log current user out:

    You can use such code inside of a kernel event listener, if you want so.

    // SomeController.php

/**
 * @Route("/terminate", name="app.terminate")
 */
public function terminateAction()
{
    // Logging user out.
    $this->get('security.token_storage')->setToken(null);

    // Invalidating the session.
    $session = $this->get('request')->getSession();
    $session->invalidate();

    // Redirecting user to login page in the end.
    $response = $this->redirectToRoute('app.login');

    // Clearing the cookies.
    $cookieNames = [
        $this->container->getParameter('session.name'),
        $this->container->getParameter('session.remember_me.name'),
    ];
    foreach ($cookieNames as $cookieName) {
        $response->headers->clearCookie($cookieName);
    }

    return $response;
}

    Here's the implementation of kernel event listener which will force users to log out basing on entity property: Logging user out of Symfony 2 application using kernel event listener.

    I hope it helps.

    0 讨论(0)
 看不清?
提交回复
热议问题